• Nix solves the package manager ejection problem

    This blog post operates on two levels.

    On a very direct level, I built a desktop machine with an AMD Radeon RX 5600 XT graphics card and I’ve been fighting a rather annoying interaction with dual monitors on Linux. Here’s how it goes:

    1. After some defined period of inactivity, the system tries to standby / suspend / turn off both monitors.
    2. Both monitors respond to the DPMS commands and briefly blank.
    3. After a few seconds, one of them comes on again, quickly followed by the other one, in an arbitrary order.
    4. XFCE “helpfully” detects this as a monitor hotplug event and pops open a display configuration dialog.

    Stepping away to make a coffee now means periodic flickering and coming back to 5 - 10 XFCE monitor configuration dialogs taking over my screen. Very annoying!

    Googling around finds this Ubuntu issue from 2018 that seems to describe the same problem, but the documented workaround of amdgpu.dc=0 as a kernel parameter does not work. My graphics card decides to go into a glitchfest and the kernel doesn’t even make it past initrd.

    That Ubuntu issue links to this upstream Freedesktop issue, which is old enough to get migrated to this new Freedesktop issue, where some kind soul has put together a patch that applies cleanly on recent kernels. My understanding is that the monitor starts polling its inputs when it enters a DPMS mode, and the patch adjusts the timeouts on the driver to ignore the polling pulses instead of treating them as hotplug events.

    So that’s one level: write a blog post, stuff it with enough keywords that other affected users can find it, tell them to USE THE KERNEL PATCH until a fix is integrated into the mainline. A decent public service, but on its own not interesting.

    On a second level, I’ve recently been experimenting with NixOS as my daily driver and it rises to this challenge in ways that ArchLinux never could.

  • This blog has analytics and a privacy policy now

    Even though the Jekyll Minima theme has off the shelf support for Google Analytics, I decided to be a good internet denizen and use something that preserved visitor privacy.

    I thought that surely in 2021, somebody would have built a simple page view counter that I could just plug into my dinky blog for minimal cost. I ended up evaluating all the popular alternatives: Matamo, Plausible, and Cloudflare analytics.

    As it turns out, all of these are rather expensive. What should have been simple became bespoke and Toph was born. It’s a Cloudflare workers service that sits in between the visitors browser and Google Analytics.

  • PGP encryption subkeys are less useful than I thought

    I recently revisited how I was managing passwords but wanted to maintain the core structure of secrets encrypted via a PGP key. PGP is a good fit here, these secrets are linked to my identity as a person, as opposed to secrets linked to a specific machine or service.

    I already have an established PGP key, but this use case demands distributing decryption capabilities to at least my primary computer and mobile phone. My existing PGP key is already used for a hodge podge of purposes, so to limit scope of compromise, it makes sense to generate an encryption and decryption scheme for the specific purpose of securing my passwords.

    I thought I could simply generate a new PGP subkey tied to my main identity and this idea seems to have some colloquial support:

    Use one primary key for each identity you need, otherwise, use subkeys.


    Examples for using subkeys:

    • You want to use multiple keys for multiple devices (so you won’t have to revoke your computer’s key if you lose your mobile)

    tl;dr: Don’t bother. The PGP ecosystem does not support encryption subkeys for a specific purpose. You should just generate an entirely separate PGP key for your use case. For me securing passwords, I’m not even bothering to publish this new key to keyservers. The rest of this blog post is dedicated to describing the various rabbit holes I explored before settling on this “don’t bother” conclusion.

  • A blog begins...

    I’ve been putting off setting up a blog for far too long. There’s been a bunch of content worth talking about, but it’s been blocked on this grandiose ambition to rethink the medium of the digital written word. If you wish to write a blog from scratch, you must first invent a whole new blogging engine.

    Hopefully that’ll still happen. For now, let’s try low fidelity things and validate that I can even commit to the blogging thing. GitHub Pages. Jekyll. Minima. All content, zero yaks to shave.


Subscribe via RSS.